Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Display diagnostics in text format for xhr request | Vlad Bokov | 2014-04-14 | 2 | -0/+9 |
| | |||||
* | Update documentation to use Rails.application instead | Marcel Morgan | 2014-04-13 | 1 | -1/+1 |
| | | | | | | | References to ``AppName::Application` removed in favour of ``Rails.application`` as generated with a new rails 4.1 app. [ci skip] | ||||
* | Split search results into 'exact matches' and 'fuzzy matches'. | Winston | 2014-04-11 | 1 | -60/+96 |
| | | | | - also refactored the javascript. | ||||
* | Improve CSS styling for routing error html page. | Winston | 2014-04-11 | 1 | -7/+25 |
| | |||||
* | Implement fuzzy matching for route search on routing error html page. | Winston | 2014-04-11 | 1 | -8/+10 |
| | |||||
* | Avoid URI parsing | Andriel Nuernberg | 2014-04-09 | 1 | -5/+8 |
| | | | | | This parsing is unecessary once the Request object already has the needed information. | ||||
* | Append link to bad code to backtrace when exception is SyntaxError | Boris Kuznetsov | 2014-03-27 | 1 | -0/+8 |
| | |||||
* | The digest option is no longer honoured since Rails 3.0 [ci skip] | Godfrey Chan | 2014-03-20 | 1 | -1/+1 |
| | | | | Closes #8513 | ||||
* | only write the jar if the response isn't committed | Aaron Patterson | 2014-03-12 | 1 | -5/+16 |
| | | | | | | | | | | | when streaming responses, we need to make sure the cookie jar is written to the headers before returning up the stack. This commit introduces a new method on the response object that writes the cookie jar to the headers as the response is committed. The middleware and test framework will not write the cookie headers if the response has already been committed. fixes #14352 | ||||
* | :scissors: | Zachary Scott | 2014-02-23 | 1 | -1/+1 |
| | | | | This commit also addresses rails/docrails#169 and rails/rails#14159 | ||||
* | Fix parameter naming in RemoteIp middleware constructor method | KalabiYau | 2014-02-18 | 1 | -2/+2 |
| | | | | | Was custom_proxies in inline docs, but should be and defined in constructor as custom_proxies | ||||
* | rm warning about variable shadowing | Godfrey Chan | 2014-02-11 | 1 | -2/+2 |
| | |||||
* | Migrate hash-based cookie values correctly | Godfrey Chan | 2014-02-11 | 1 | -2/+4 |
| | |||||
* | Missed FlashHash#replace | Godfrey Chan | 2014-02-11 | 1 | -1/+1 |
| | |||||
* | Fixed broken flash tests | Godfrey Chan | 2014-02-11 | 1 | -1/+1 |
| | |||||
* | Re-write legacy (marshal) cookies on read | Godfrey Chan | 2014-02-11 | 1 | -20/+40 |
| | |||||
* | Stringify the incoming hash in FlashHash | Guillermo Iguaran | 2014-02-11 | 1 | -1/+3 |
| | | | | | Stringify the incoming as well to handle incoming symbol keys from marshalled sessions | ||||
* | Convert FlashHash in a Hash with indifferent access | Guillermo Iguaran | 2014-02-11 | 1 | -4/+15 |
| | |||||
* | Added HybridSerializer to upgrade existing marshal cookies (wip: need tests) | Godfrey Chan | 2014-02-11 | 1 | -0/+14 |
| | |||||
* | Renamed session_serializer option to cookies_serializer | Godfrey Chan | 2014-02-11 | 3 | -42/+30 |
| | |||||
* | Updated the cookie docs to use the safer JSON.{generate,parse} | Godfrey Chan | 2014-02-08 | 1 | -5/+5 |
| | | | | cc @senny | ||||
* | Rely on backticks instead of tt tags [ci skip] | Robin Dupret | 2014-02-08 | 1 | -2/+2 |
| | | | | | Since the language in code blocks is inferred, if the code contains tt tags, the block will be parsed as XML for instance while it is Ruby. | ||||
* | docs, Cookie values are String based. Closes #12860. [ci skip] | Yves Senn | 2014-02-08 | 1 | -7/+7 |
| | |||||
* | Modify the session serializer implementation | Guillermo Iguaran | 2014-01-30 | 1 | -3/+5 |
| | | | | | Rename allowed options to :marshal and :json, for custom serializers only allow the use of custom classes. | ||||
* | Allow session serializer key in config.session_store | Lukasz Sarnacki | 2014-01-29 | 3 | -2/+41 |
| | | | | | | | | | | | | | MessageEncryptor has :serializer option, where any serializer object can be passed. This commit make it possible to set this serializer from configuration level. There are predefined serializers (:marshal_serializer, :json_serialzier) and custom serializer can be passed as String, Symbol (camelized and constantized in ActionDispatch::Session namepspace) or serializer object. Default :json_serializer was also added to generators to provide secure defalt. | ||||
* | always use a block for cleanup / prepare callbacks so we can clean the ↵ | Aaron Patterson | 2014-01-28 | 1 | -0/+9 |
| | | | | method signature | ||||
* | scope is not necessary | Aaron Patterson | 2014-01-28 | 1 | -2/+2 |
| | |||||
* | Fix Encoding::CompatibilityError when public path is UTF-8 | Andrew White | 2013-12-29 | 1 | -3/+3 |
| | | | | | | | | | | | | | | In #5337 we forced the path encoding to ASCII-8BIT to prevent static file handling from blowing up before an application has had chance to deal with possibly invalid urls. However this has a negative side effect of making it an incompatible encoding if the application's public path has UTF-8 characters in it. To work around the problem we check to see if the path has a valid encoding once it has been unescaped. If it is not valid then we can return early since it will not match any file anyway. Fixes #13518 | ||||
* | Update secret_key_base Docs | robertomiranda | 2013-12-15 | 2 | -10/+11 |
| | |||||
* | Spelling and Grammar checks | Akshay Vishnoi | 2013-12-12 | 1 | -2/+2 |
| | |||||
* | Remove deprecated cattr_* requires | Genadi Samokovarov | 2013-12-03 | 1 | -1/+1 |
| | |||||
* | [ci skip] Removing some gender sensitive object pronouns | Tejas Dinkar | 2013-12-02 | 1 | -2/+2 |
| | |||||
* | class methods moved to already defined class<<self block | Akshay Vishnoi | 2013-11-15 | 1 | -6/+6 |
| | |||||
* | Revert "Merge pull request #9660 from ↵ | Guillermo Iguaran | 2013-11-02 | 1 | -2/+1 |
| | | | | | | | | | sebasoga/change_strong_parameters_require_behaviour" This reverts commit c2b5a8e61ba0f35015e6ac949a5c8fce2042a1f2, reversing changes made to 1918b12c0429caec2a6134ac5e5b42ade103fe90. See: https://github.com/rails/rails/pull/9660#issuecomment-27627493 | ||||
* | Merge pull request #9660 from ↵ | Guillermo Iguaran | 2013-11-01 | 1 | -1/+2 |
|\ | | | | | | | | | sebasoga/change_strong_parameters_require_behaviour Change ActionController::Parameters#require behavior when value is empty | ||||
| * | Change ActionController::Parameters#require behavior when value is empty | Sebastian Sogamoso | 2013-03-11 | 1 | -1/+2 |
| | | | | | | | | | | When the value for the required key is empty an ActionController::ParameterMissing is raised which gets caught by ActionController::Base and turned into a 400 Bad Request reply with a message in the body saying the key is missing, which is misleading. With these changes, ActionController::EmptyParameter will be raised which ActionController::Base will catch and turn into a 400 Bad Request reply with a message in the body saying the key value is empty. | ||||
* | | Warnings removed for ruby trunk | Arun Agrawal | 2013-11-01 | 1 | -1/+1 |
| | | | | | | Same as 4d4ff531b8807ee88a3fc46875c7e76f613956fb | ||||
* | | Remove surprise if from show_exception middleware | Prem Sichanugrist | 2013-10-27 | 1 | -2/+5 |
| | | | | | | This increase the readability within the rescue block. | ||||
* | | Merge branch 'fix-ip-spoof-errors' of https://github.com/tamird/rails into ↵ | Andrew White | 2013-09-30 | 1 | -1/+1 |
|\ \ | | | | | | | | | | tamird-fix-ip-spoof-errors | ||||
| * | | make sure both headers are set before checking for ip spoofing | Tamir Duberstein | 2013-06-04 | 1 | -1/+1 |
| | | | |||||
* | | | Display exceptions in text format for xhr request | Kir Shatrov | 2013-08-22 | 13 | -13/+84 |
| | | | |||||
* | | | Escape the message of an exception in debug_exceptions to avoid bad rendering | Adrien Siami | 2013-08-21 | 5 | -5/+5 |
| | | | |||||
* | | | Use Request#raw_post instead Request#body | Paul Nikitochkin | 2013-07-08 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | | | | | | | | | In order to get raw_post to be not empty after ParamsParser#parse_formatted_parameters, added rewinding of body stream input on parsing json params. Closes #11345 | ||||
* | | | Space is not required for Set-Cookie header | Yamagishi Kazutoshi | 2013-07-05 | 1 | -1/+1 |
| | | | |||||
* | | | Missing closing + in documentation [ci skip] | Edho Arief | 2013-07-04 | 1 | -1/+1 |
| | | | |||||
* | | | Merge pull request #11069 from ykzts/actiondispatch-ssl-secure-flag-igonore-case | Guillermo Iguaran | 2013-06-24 | 1 | -1/+1 |
|\ \ \ | | | | | | | | | Flag cookies as secure with ignore case in ActionDispatch::SSL | ||||
| * | | | Flag cookies as secure with ignore case in ActionDispatch::SSL | Yamagishi Kazutoshi | 2013-06-24 | 1 | -1/+1 |
| | | | | |||||
* | | | | ActionDispatch:SSL: don't include STS header in non-https responses | Geoff Buesing | 2013-06-23 | 1 | -2/+1 |
|/ / / | |||||
* / / | Grammar nazi at work [ci skip] | Paweł Gościcki | 2013-06-12 | 1 | -1/+1 |
|/ / | |||||
* | | Extract ActionDispatch::Request#deep_munge | Genadi Samokovarov | 2013-05-30 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | | | ActionDispatch::Request#deep_munge was introduced as a private method, but was turned into a public one for the use of ActionDispatch::ParamsParser. I have extracted it into ActionDispatch::Request::Utils, so it does not get mixed up with the Request public methods. |